Lines 100-106
Link Here
|
100 |
from portage.const import VDB_PATH, PRIVATE_PATH, CACHE_PATH, DEPCACHE_PATH, \ |
100 |
from portage.const import VDB_PATH, PRIVATE_PATH, CACHE_PATH, DEPCACHE_PATH, \ |
101 |
USER_CONFIG_PATH, MODULES_FILE_PATH, CUSTOM_PROFILE_PATH, PORTAGE_BASE_PATH, \ |
101 |
USER_CONFIG_PATH, MODULES_FILE_PATH, CUSTOM_PROFILE_PATH, PORTAGE_BASE_PATH, \ |
102 |
PORTAGE_BIN_PATH, PORTAGE_PYM_PATH, PROFILE_PATH, LOCALE_DATA_PATH, \ |
102 |
PORTAGE_BIN_PATH, PORTAGE_PYM_PATH, PROFILE_PATH, LOCALE_DATA_PATH, \ |
103 |
EBUILD_SH_BINARY, SANDBOX_BINARY, BASH_BINARY, \ |
103 |
EBUILD_SH_BINARY, SANDBOX_BINARY, MACOSSANDBOX_BINARY, MACOSSANDBOX_PROFILE, BASH_BINARY, \ |
104 |
MOVE_BINARY, PRELINK_BINARY, WORLD_FILE, MAKE_CONF_FILE, MAKE_DEFAULTS_FILE, \ |
104 |
MOVE_BINARY, PRELINK_BINARY, WORLD_FILE, MAKE_CONF_FILE, MAKE_DEFAULTS_FILE, \ |
105 |
DEPRECATED_PROFILE_FILE, USER_VIRTUALS_FILE, EBUILD_SH_ENV_FILE, \ |
105 |
DEPRECATED_PROFILE_FILE, USER_VIRTUALS_FILE, EBUILD_SH_ENV_FILE, \ |
106 |
INVALID_ENV_FILE, CUSTOM_MIRRORS_FILE, CONFIG_MEMORY_FILE,\ |
106 |
INVALID_ENV_FILE, CUSTOM_MIRRORS_FILE, CONFIG_MEMORY_FILE,\ |
Lines 2188-2193
Link Here
|
2188 |
if bsd_chflags: |
2188 |
if bsd_chflags: |
2189 |
self.features.add('chflags') |
2189 |
self.features.add('chflags') |
2190 |
|
2190 |
|
|
|
2191 |
if not portage.process.macossandbox_capable and \ |
2192 |
("macossandbox" in self.features or "macosusersandbox" in self.features): |
2193 |
if self.profile_path is not None and \ |
2194 |
os.path.realpath(self.profile_path) == \ |
2195 |
os.path.realpath(PROFILE_PATH): |
2196 |
""" Don't show this warning when running repoman and the |
2197 |
sandbox feature came from a profile that doesn't belong to |
2198 |
the user.""" |
2199 |
writemsg(colorize("BAD", "!!! Problem with macos sandbox" + \ |
2200 |
" binary. Disabling...\n\n"), noiselevel=-1) |
2201 |
if "macossandbox" in self.features: |
2202 |
self.features.remove("macossandbox") |
2203 |
if "macosusersandbox" in self.features: |
2204 |
self.features.remove("macosusersandbox") |
2205 |
|
2191 |
self["FEATURES"] = " ".join(sorted(self.features)) |
2206 |
self["FEATURES"] = " ".join(sorted(self.features)) |
2192 |
self.backup_changes("FEATURES") |
2207 |
self.backup_changes("FEATURES") |
2193 |
global _glep_55_enabled, _validate_cache_for_unsupported_eapis |
2208 |
global _glep_55_enabled, _validate_cache_for_unsupported_eapis |
Lines 3883-3895
Link Here
|
3883 |
# fake ownership/permissions will have to be converted to real |
3898 |
# fake ownership/permissions will have to be converted to real |
3884 |
# permissions in the merge phase. |
3899 |
# permissions in the merge phase. |
3885 |
fakeroot = fakeroot and uid != 0 and portage.process.fakeroot_capable |
3900 |
fakeroot = fakeroot and uid != 0 and portage.process.fakeroot_capable |
|
|
3901 |
macossandbox = ("macossandbox" in features or \ |
3902 |
"macosusersandbox" in features) |
3886 |
if droppriv and not uid and portage_gid and portage_uid: |
3903 |
if droppriv and not uid and portage_gid and portage_uid: |
3887 |
keywords.update({"uid":portage_uid,"gid":portage_gid, |
3904 |
keywords.update({"uid":portage_uid,"gid":portage_gid, |
3888 |
"groups":userpriv_groups,"umask":002}) |
3905 |
"groups":userpriv_groups,"umask":002}) |
3889 |
if not free: |
3906 |
if not free: |
3890 |
free=((droppriv and "usersandbox" not in features) or \ |
3907 |
free=((droppriv and "usersandbox" not in features and |
|
|
3908 |
"macosusersandbox" not in features) or \ |
3891 |
(not droppriv and "sandbox" not in features and \ |
3909 |
(not droppriv and "sandbox" not in features and \ |
3892 |
"usersandbox" not in features and not fakeroot)) |
3910 |
"usersandbox" not in features and not fakeroot and \ |
|
|
3911 |
not macossandbox)) |
3912 |
|
3913 |
# confining the process to a prefix sandbox is disabled by default, if |
3914 |
# a normal sandbox is requested a this point, it will be used, if no |
3915 |
# sandbox is requested, a prefix sandbox will be imposed if requested |
3916 |
# by the appropriate features |
3917 |
prefixsandbox = False |
3918 |
if free: |
3919 |
prefixsandbox = "macosprefixsandbox" in features |
3920 |
free = not prefixsandbox |
3893 |
|
3921 |
|
3894 |
if free or "SANDBOX_ACTIVE" in os.environ: |
3922 |
if free or "SANDBOX_ACTIVE" in os.environ: |
3895 |
keywords["opt_name"] += " bash" |
3923 |
keywords["opt_name"] += " bash" |
Lines 3898-3903
Link Here
|
3898 |
keywords["opt_name"] += " fakeroot" |
3926 |
keywords["opt_name"] += " fakeroot" |
3899 |
keywords["fakeroot_state"] = os.path.join(mysettings["T"], "fakeroot.state") |
3927 |
keywords["fakeroot_state"] = os.path.join(mysettings["T"], "fakeroot.state") |
3900 |
spawn_func = portage.process.spawn_fakeroot |
3928 |
spawn_func = portage.process.spawn_fakeroot |
|
|
3929 |
elif macossandbox: |
3930 |
keywords["opt_name"] += " macossandbox" |
3931 |
if prefixsandbox: |
3932 |
sbprefixpath = mysettings["EPREFIX"] |
3933 |
else: |
3934 |
sbprefixpath = mysettings["PORTAGE_BUILDDIR"] |
3935 |
|
3936 |
# escape some characters with special meaning in re's |
3937 |
sbprefixre = sbprefixpath.replace("+", "\+") |
3938 |
sbprefixre = sbprefixre.replace("*", "\*") |
3939 |
sbprefixre = sbprefixre.replace("[", "\[") |
3940 |
sbprefixre = sbprefixre.replace("[", "\[") |
3941 |
|
3942 |
sbprofile = MACOSSANDBOX_PROFILE |
3943 |
sbprofile = sbprofile.replace("@@WRITEABLE_PREFIX@@", sbprefixpath) |
3944 |
sbprofile = sbprofile.replace("@@WRITEABLE_PREFIX_RE@@", sbprefixre) |
3945 |
|
3946 |
keywords["profile"] = sbprofile |
3947 |
spawn_func = portage.process.spawn_macossandbox |
3901 |
else: |
3948 |
else: |
3902 |
keywords["opt_name"] += " sandbox" |
3949 |
keywords["opt_name"] += " sandbox" |
3903 |
spawn_func = portage.process.spawn_sandbox |
3950 |
spawn_func = portage.process.spawn_sandbox |
Lines 6996-7008
Link Here
|
6996 |
restrict = mysettings["PORTAGE_RESTRICT"].split() |
7043 |
restrict = mysettings["PORTAGE_RESTRICT"].split() |
6997 |
nosandbox = (("userpriv" in features) and \ |
7044 |
nosandbox = (("userpriv" in features) and \ |
6998 |
("usersandbox" not in features) and \ |
7045 |
("usersandbox" not in features) and \ |
|
|
7046 |
("macosusersandbox" not in features) and \ |
6999 |
"userpriv" not in restrict and \ |
7047 |
"userpriv" not in restrict and \ |
7000 |
"nouserpriv" not in restrict) |
7048 |
"nouserpriv" not in restrict) |
7001 |
if nosandbox and ("userpriv" not in features or \ |
7049 |
if nosandbox and ("userpriv" not in features or \ |
7002 |
"userpriv" in restrict or \ |
7050 |
"userpriv" in restrict or \ |
7003 |
"nouserpriv" in restrict): |
7051 |
"nouserpriv" in restrict): |
7004 |
nosandbox = ("sandbox" not in features and \ |
7052 |
nosandbox = ("sandbox" not in features and \ |
7005 |
"usersandbox" not in features) |
7053 |
"usersandbox" not in features and \ |
|
|
7054 |
"macosusersandbox" not in features) |
7006 |
|
7055 |
|
7007 |
sesandbox = mysettings.selinux_enabled() and \ |
7056 |
sesandbox = mysettings.selinux_enabled() and \ |
7008 |
"sesandbox" in mysettings.features |
7057 |
"sesandbox" in mysettings.features |